Workspace ONE is incredibly powerful. But with so many features and functions, its no wonder people can get lost when working out where to start on configuring it to test with your scenarios in your environment.
As part of VMware Testdrive, other than getting access to a pre-configured testing environment and walkthroughs you also get a full fledged trial environment we refer to as a Sandbox.
This has all the capabilities of Workspace ONE where you can integrate it with all services to test it in your environment with real users and real devices.
So, this is where this guide comes in. Even I struggle to explain or give a place for my customers to go for all they need to get started. I’ll add to the below information over time but this will be enough to get you started with Workspace ONE as part of a pilot or proof of concept.
Before we get started, I’ve recorded some videos to help explain what we talk.
Title | Topics Covered |
---|---|
I explain what emails you’ll receive as part of your VMware Testdrive trial and how to enable your Workspace ONE Sandbox. | |
Workspace ONE Sandbox Overview
|
I cover how to get your log in details for your own Testdrive Sandbox and how to access the administrative Consoles. We also cover offf a basic overview of the Workspace ONE UEM and VMware Identity Manager/Workspace ONE Access Consoles to get your started. |
Disclaimer: The steps and information I am giving are to help you on your way and are by no means definitive, complete or to be used with warranty for a production deployment. They’re also not intended to replace VMware Professional Services or Deployment Services by our VMware Partners.
Now that’s out of the way.
I’ve made some assumptions that most of you know what I am talking about when it comes to all things Workspace ONE within each post, but I’ll clear some things up.
Workspace ONE UEM: This is the Unified Endpoint Management Console. For those who have used it before, its the old Airwatch Product.
Workspace ONE Access: This is what used to be known as VMware Identity Manager. You’ll see it referred to as both names through my blog as we’re still transition naming. This is where you configure Single Sign On, its the Application Portal and essentially what End-Users see on their browsers and Intelligent Hub applications.
What this guide won’t cover:
- How to make your deployment Production Ready. We have services and Partners for that if you need more assistance.
- High Availability or Disaster Recovery. This is barebones, just enough to get it working.
- Apple Business Manager or Volume Purchase Program integration. I don’t have a ABM or VPP account as they’re not the easiest to get when you’re not a business!
So here’s the non-definitive guide, in order, to building your own barbecue Sandbox!
Title | What You’ll Learn | What You’ll Need |
---|---|---|
Part 1 – Installing Airwatch Cloud Connector and Configuring Directory Services in Workspace ONE UEM | How to configure the ability to authenticate users with Active Directory in Workspace ONE UEM. | Ability to create service accounts in AD, a domain joined VM, administrator account access to Workspace ONE UEM. |
How to configure the ability to authenticate users with Active Directory in Workspace ONE Access. | Ability to create service accounts in AD, a domain joined VM, adminstrator account access to Workspace ONE Access | |
How to integrate UEM and Access to build a Unified Digital Workspace. | Admin accounts for Workspace ONE UEM and Workspace ONE Access. | |
How to set up autodiscovery so your users can enrol with their email address. | A valid email address for domain verification. | |
Configure Workspace ONE Access to authenticate Active Directory users. | Admin account for Workspace ONE Access | |
Create a certificate signing request to upload to Apple and generate a APNs certificate for iOS device enrollment. | An AppleID specifically for this use case. | |
Configure Android Enterprise integration to enroll Android Devices. | A Gmail account that hasn’t been used for Android Enterprise before. | |
Part 8 – Configuring Workspace ONE UEM for Windows 10 enrollment | Setup Windows Autodiscovery to enrol Windows 10 devices using an email address. | A valid SSL certificate (see post for more info) and the ability to create DNS entries for your external FQDN. |
Overview of Organisation Groups and how to use them to create a good structure in Workspace ONE UEM. Also how to target specific devices granularly using Smart Groups. | Admin account for Workspace ONE UEM | |
How to create profiles for devices and what the general settings mean | Admin account for Workspace ONE UEM | |
How to configure a SSO Profile for iOS devices in Workspace ONE UEM and enable the Mobile SSO (for iOS) authentication method. | An admin account or Workspace ONE UEM and Workspace ONE Access | |
The different ways and requirements for enrolling Android Devices into Workspace ONE UEM. | Admin account for Workspace ONE UEM and an Android Device | |
How to add iOS applications, configure them if supported and assign to a group of devices. | Admin account for Workspace ONE UEM | |
How to approve and import applications from the Google Play Store for Work. | Admin account for Workspace ONE UEM and the Gmail account used for Android Enterprise configuration. | |
How to deploy traditional Win32 Apps for Windows 10 devices. | Admin account for Workspace ONE UEM | |
Part 16 – Configuring Mobile Single Sign On for Android (coming soon)
|
Please leave any comments or suggestions in the comments below!
Leave a Reply